Thursday, October 24, 2019

using underground hacking scene, MSS officers, company insiders and state directives

Oct 15, 2019  Chinese government hackers working with the country’s traditional spies and agencies plotted and stole U.S. and European aircraft engine secrets to help Beijing leapfrog over its Western competitors in developing a domestic commercial aircraft industry, according to researchers at the cybersecurity protection firm CrowdStrike. 
  “Beijing used a mixture of cyber actors sourced from China’s underground hacking scene, Ministry of State Security or MSS officers, company insiders and state directives to fill key technology and intelligence gaps in a bid to bolster dual-use turbine engines which could be used for both energy generation and to enable its narrow-body twinjet airliner, the C919, to compete against Western aerospace firms,” CrowdStrike said in a report released Monday evening.    https://www.rollcall.com/news/policy/hackers-spies-helped-china-steal-jet-secrets-report-says
………....................
10-14-19  Analysis of the Study the Great Nation app found hidden elements that could help monitor use and copy data, said phone security experts Cure 53.
The app gives the government "super-user" access, the security firm said.
The Chinese government denied the app had the monitoring functions listed by the cyber investigators.
  Released in February, Study the Great Nation has become the most downloaded free program in China, thanks to persuasive demands by Chinese authorities that citizens download and install it.
  The app pushes out official news and images and encourages people to earn points by reading articles, commenting on them and playing quizzes about China and its leader, Xi Jinping.  Use of the app is mandatory among party officials and civil servants and it is tied to wages in some workplaces.
  Starting this month, native journalists must pass a test on the life of President Xi, delivered via the app, in order to obtain a press card which enables them to do their jobs.
On behalf of the Open Technology Fund, which campaigns on human rights issues, German cyber-security firm Cure 53 took apart the Android version of the app and said it found many undocumented and hidden features.
  In its lengthy report, Cure 53 said Study the Great Nation had "extensive logging" abilities and seemed to try to build up a list of the popular apps an individual had installed on their phone.    https://www.bbc.com/news/technology-50042379
……….....................
10-4-19   Research has revealed that Chinese state-sponsored hackers have been targeting at least six different cyber espionage campaigns in the Southeast Asian region since 2013. These hackers have changed how they operate over the last three years. 
  The report by Unit 42, the threat intelligence team of Palo Alto Networks, links major cybercrime campaigns to a Chinese hacker group called PKPLUG.  The name hints at the popular tactic that these Chinese hackers use for delivering PlugX malware inside ZIP files.  These ZIP files are identified with the signature “PK”.  The group has been seen installing backdoor Trojan implants on systems and mobile devices.
  South Asian countries including Myanmar, Taiwan, Vietnam, and Indonesia are the main targets of the PKPLUG Group.  https://content.techgig.com/chinese-hackers-with-improved-techniques-targeting-southeast-asia-since-2013/articleshow/71741737.cms
…………………………….
Sep 27, 2019    China's APT10 hacking group suspected of cyber attacks against Airbus suppliers.  Four major attacks on Airbus's supply chain 
  European aerospace company Airbus has been hit by a new series of cyber attacks targeting the company's suppliers in search of trade secrets. Citing security sources, a report by AFP claims  https://www.computing.co.uk/ctg/news/3082036/china-apt-10-suspected-of-cyber-attacks-airbus-suppliers
………………….
9-2019   Ji Chaoqun easily blended in among the 2,900 international students at the Illinois Institute of Technology, a private school just off the Dan Ryan Expressway near White Sox park.
Except Ji was not just any student on campus.  Federal authorities allege he was secretly working for a Chinese spy agency.  https://www.chicagotribune.com/investigations/ct-chinese-espionage-chicago-20190926-xh74yrhorzakjpsnojyx4aapfm-story.html

……………………  
Sep 5, 2019   Chinese cyber hackers have been secretly building a "back door" that allows them to infiltrate U.S. company networks at a fraction of the cost to build them from scratch, cybersecurity firm Check Point said in a summary of the report, which was released Thursday.
  China is one of the most active nation-state threat actors in the field of cyber warfare, Check Point said in a statement sent to Fox News, adding that as the U.S.-China trade war escalates, the Chinese are trying to position themselves to carry out larger and more sophisticated cyber-attacks.
  We are witnessing the “application of the same IP theft methodologies but now in an area that is way harder to fight against,” Mark Lechtik, lead cyber security researcher at Check Point, told Fox News.  https://www.foxnews.com/tech/chinese-cyber-hackers-have-built-a-backdoor-in-us-china-trade-war-says-report
…………………….…………
9-3-19  Chinese hackers have enjoyed access to the secure communications network of the European Union for several years, according to a New York Times report published Wednesday.
The hack, which reportedly swept up mountains of diplomatic cables, is another indication of the scale of Beijing’s increasingly apparent cyber espionage campaign. 
  The report is based on more than 1,100 cables obtained by cybersecurity firm Area 1, who first spotted the breach.  https://www.vice.com/en_in/article/bjeavv/chinas-hackers-have-been-reading-the-eus-secrets-for-years
………………….
3-12-19  Chinese hackers have repeatedly hit the Navy, defense contractors and even universities that partner with the service.
"We are under siege," a senior Navy official told The Journal. "People think it’s much like a deadly virus — if we don’t do anything, we could die."
Breaches have been "numerous," according to the review. While China is identified as the primary threat, hackers from Russia and Iran have also been causing their share of trouble.  https://www.businessinsider.com/chinese-hackers-are-tearing-the-navy-and-its-industry-partners-apart-2019-3
…………………….
3-6-19  Many of the institutes targeted had ties to the largest hub of oceanographic research in the US, the Woods Hole Oceanographic Institution. This in turn has strong ties to the US Navy. It is likely that the centre had been breached, according to iDefense.
  The analysts behind the report say they have "moderate to high confidence" that the perpetrator of the hacks is a known Chinese group called Mudcarp, which goes by other names including Temp.Periscope and Leviathan. They came to this conclusion after analysing the malware sent to the universities, and finding indicators associated with Mudcarp's previous activity.
  "Any technology or program that involves the delivery or launching of a payload from a submerged submarine, or undersea autonomous vehicles, is of high interest to Mudcarp," the report says. The group's connection to the Chinese government is not certain.  https://www.bbc.com/news/technology-47468443
………………
1-10-19   In October 2018, Microsoft would buy it for $7.5 billion….. “We are currently experiencing the largest DDoS attack in GitHub’s history,” senior developer Jesse Newland wrote in a blog post almost 24 hours after the attack had begun. Over the next five days, as engineers spent 120 hours combating the attack, GitHub went down nine times.  It was like a hydra: every time the team thought they had a handle on it, the attack adapted and redoubled its efforts. GitHub wouldn’t comment on the record, but a team member who spoke to me anonymously said it was “very obvious that this was something we’d never seen before.”
  In the company’s internal chat room, GitHub engineers realized they would be tackling the attack “for some time.” As the hours stretched into days, it became something of a competition between the GitHub engineers and whoever was on the other end of the attack. Working long, frantic shifts, the team didn’t have much time to speculate about the attackers’ identity.  As rumors abounded online, GitHub would only say, “We believe the intent of this attack is to convince us to remove a specific class of content.”  About a 20-minute drive away, across San Francisco Bay, Nicholas Weaver thought he knew the culprit: China.
Weaver is a network-security expert at the International Computer Science Institute, a research center in Berkeley, California.  Together with other researchers, he helped pinpoint the targets of the attack:  two GitHub-hosted projects connected to GreatFire.org, a China-based anti-censorship organization.  https://www.technologyreview.com/s/612638/when-chinese-hackers-declared-war-on-the-rest-of-us/
…………………………..
